Bitglass, profile picture
Uploaded byBitglass
PPTX, PDF260 views

CASBs - A New Hope

The document outlines the role of Cloud Access Security Brokers (CASBs) in securing cloud applications and managing shadow IT by providing visibility, data protection, and identity management across various cloud platforms. It highlights the inadequacies of existing Office 365 security measures and presents CASBs as an effective solution with an agentless, data-centric approach to enhance security across all devices. Additionally, the document includes case studies demonstrating the successful implementation of CASBs in organizations to mitigate data risks associated with cloud adoption.

Embed presentation

Downloaded 13 times
CASBs: A New Hope A long time ago in a CISOs old security strategy
STORYBOARDS enterprise (CASB) end-user devices visibility & analytics data protection identity & access control application storage servers network CASBs secure data across any cloud app app vendor
STORYBOARDS shadow IT The clone wars: In the beginning before the republic was sabotaged by the empire: Translation - Shadow IT was all we knew
STORYBOARDS shadow IT gain visibility into your org’s cloud usage ■ Identify unsanctioned apps in use in your organization ○ Understand risk profiles of these frequently used apps ■ Intelligent, time-saving alerts out of the box
STORYBOARDS shadow IT API- based approach Revenge of the Sith: The empire began growing powerful with their management of security approach Translation - Orgs. are limited with limited API security
STORYBOARDS data-at-rest in the cloud api control visibility and control of cloud data ● DLP scans & quarantine ● modify sharing permissions ● watermark, DRM, redact, encrypt ● proxy-accelerated API-scans 6
STORYBOARDS ■ BYOD blindspot - O365 DLP is not geared toward protecting data on BYOD ■ High operational overhead - Complex to configure and maintain ■ Difficult deployment - Sharepoint/OneDrive DLP integration requires Office 2016 on PCs ■ High cost - Must have top of the line license ■ Point solution - Support focused on Office 365, what about other cloud apps? office 365 native dlp: complex, costly, and doesn’t work across apps
STORYBOARDS shadow IT API-based approach API + in- line A New Hope: The Rebels emerged with a new way to secure SAAS applications with an agentless in-line approach. The old republic (empire) methods were still used to maintain balance with the force.
STORYBOARD how casb security works reverse proxy ■ unmanaged device controls without agents forward proxy ■ managed devices controls activesync proxy ■ secure email, calendar, etc on any mobile device ■ device level security - wipe, encryption, PIN etc
STORYBOARDS casb security a data-centric approach ■ Cloud data doesn’t exist only “in the cloud” ■ IT must protect data at access and on any device ○ Granular DLP ○ Context-aware to distinguish between users, device type, more
STORYBOARDS 3 top MDM vendors do not use their own product Bitglass BYOD Security Survey 2015 MDM is obsolete 67% would participate in BYOD if IT couldn’t access personal data & apps 38% of IT professionals don’t participate in their own BYOD security programs
STORYBOARDS mobile security cloud and mobile are inseparable ■ IT must enable secure access to cloud apps from any device ■ BYOD poses a threat to data security due to a lack of visibility and control after download ■ CASBs accommodate user BYOD
STORYBOARDS casb identity centralized identity management is key in securing data ■ CASBs offer integrated identity management across apps ■ Limit potential breaches with step-up multifactor auth for high risk logins
STORYBOARDS secure office 365 + byod client: ■ 35,000 employees globally challenge: ■ Inadequate native O365 security ■ Controlled access from any device ■ Limit external sharing ■ Interoperable with existing infrastructure, e.g. Bluecoat, ADFS solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload or download ■ Quarantine externally-shared sensitive files in cloud ■ Controlled unmanaged device access ■ Shadow IT & Breach discovery fortune 50 healthcare firm
STORYBOARDS ■ 15,000 employees in 190+ locations globally challenge: ■ Mitigate risks of Google Apps adoption ■ Prevent sensitive data from being stored in the cloud ■ Limit data access based on device risk level ■ Govern external sharing solution: ■ Inline data protection for unmanaged devices/BYOD ■ Bidirectional DLP secure google apps + byod business data giant
STORYBOARDS about bitglass total data protection est. jan 2013 100+ customer s tier 1 VCs
resources: more info about cloud security ■ whitepaper: the definitive guide to CASBs ■ report: cloud adoption by industry ■ case study: fortune 100 healthcare firm secure O365
STORYBOARDS bitglass.com @bitglass

More Related Content

PPTX
Office 365 Security: How to Safeguard Your Data
byBitglass
 
PPTX
4 Essential Components of Office 365 Security
byBitglass
 
PPTX
securing the cloud for financial services
byBitglass
 
PPTX
5 Security Questions To Ask When Deploying O365
byBitglass
 
PPTX
Empowering the Cloud Through G Suite
byBitglass
 
PPTX
The Future of CASBs - A Cloud Security Force Awakens
byBitglass
 
PPTX
CASBs and Office 365: The Security Menace
byBitglass
 
PPTX
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
byBitglass
 
Office 365 Security: How to Safeguard Your Data
byBitglass
 
4 Essential Components of Office 365 Security
byBitglass
 
securing the cloud for financial services
byBitglass
 
5 Security Questions To Ask When Deploying O365
byBitglass
 
Empowering the Cloud Through G Suite
byBitglass
 
The Future of CASBs - A Cloud Security Force Awakens
byBitglass
 
CASBs and Office 365: The Security Menace
byBitglass
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
byBitglass
 

What's hot

PPTX
Webinar bitglass - complete deck-2
byBitglass
 
PPTX
Bridging the Office 365 Security Gap - Redmond Media
byBitglass
 
PPTX
CASB Cases: How Your Peers are Securing the Cloud
byBitglass
 
PPTX
Webinar Express: What is a CASB?
byBitglass
 
PPTX
O365 security and privacy de_novo_event_july2014
byAlexey Vlasenko
 
PPTX
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
byBitglass
 
PPTX
CASBs: Real World Use Cases
byBitglass
 
PPTX
CASBs: Critical Capabilities - in partnership with ISC(2)
byBitglass
 
PPTX
ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
byBitglass
 
PPTX
Developing a Secure and Compliant Cloud Strategy for Financial Services
byBitglass
 
PPTX
Bitglass Webinar - Top 6 CASB Use Cases
byBitglass
 
PPTX
Bitglass Webinar - A Primer on CASBs and Cloud Security
byBitglass
 
PPTX
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
byBitglass
 
PPTX
Webinar - Bitglass and CyberEdge - Hidden Security Threats
byBitglass
 
PPTX
Securing IaaS Applications
byBitglass
 
PPTX
Security and Accountability in the Cloud (in partnership with SANS)
byBitglass
 
PPTX
The Four Horsemen of the O365 Apocalypse
byBitglass
 
DOCX
Cloud Access Security Broker (CASB)
byrkulandaivel
 
PPTX
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
byBitglass
 
PDF
Zero Trust Enterprise Network at Adobe
byVishwas Manral
 
Webinar bitglass - complete deck-2
byBitglass
 
Bridging the Office 365 Security Gap - Redmond Media
byBitglass
 
CASB Cases: How Your Peers are Securing the Cloud
byBitglass
 
Webinar Express: What is a CASB?
byBitglass
 
O365 security and privacy de_novo_event_july2014
byAlexey Vlasenko
 
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
byBitglass
 
CASBs: Real World Use Cases
byBitglass
 
CASBs: Critical Capabilities - in partnership with ISC(2)
byBitglass
 
ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
byBitglass
 
Developing a Secure and Compliant Cloud Strategy for Financial Services
byBitglass
 
Bitglass Webinar - Top 6 CASB Use Cases
byBitglass
 
Bitglass Webinar - A Primer on CASBs and Cloud Security
byBitglass
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
byBitglass
 
Webinar - Bitglass and CyberEdge - Hidden Security Threats
byBitglass
 
Securing IaaS Applications
byBitglass
 
Security and Accountability in the Cloud (in partnership with SANS)
byBitglass
 
The Four Horsemen of the O365 Apocalypse
byBitglass
 
Cloud Access Security Broker (CASB)
byrkulandaivel
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
byBitglass
 
Zero Trust Enterprise Network at Adobe
byVishwas Manral
 

Viewers also liked

PDF
Workshop: Threat Intelligence - Part 1
byPriyanka Aash
 
PPT
Andreea Bereczky: "Knowledge Based Economy project"
byTELECENTRE EUROPE
 
PPTX
WXRCTVYV
bykshraddha9
 
PPTX
revisedhoneypot429
byAlan Wennersten
 
PDF
Container con toronto
byDan Lambright
 
PPTX
Webinar: are casbs ready for primetime?
byBitglass
 
PDF
20160713 2016 the honeynet projct annual workshop focus and global trends
byYi-Lang Tsai
 
PDF
In Plain Sight: The Perfect Exfiltration
byItzik Kotler
 
PPTX
CYBER SECURITY
byVaishak Chandran
 
PDF
Derbycon Bromium Labs: Sandboxes
byBromium Labs
 
PPTX
zero day exploits
byAdv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
PPTX
8 questions to ask when evaluating a Cloud Access Security Broker
byBitglass
 
PPTX
If We Only Had the Time: How Security Teams Can Focus On What’s Important
byNathan Burke
 
PDF
Overview
byNathan Burke
 
PDF
The Deploy Master: From Basic to Zero Downtime, Blue/Green, A/B and Canary
byRed Hat Developers
 
PPTX
How to Select a Security Visibility Solution
byNETSCOUT
 
PPTX
Enterprise Networks: No Tool Left Behind
byNETSCOUT
 
PDF
Honeycon2016-honeypot updates for public
byJulia Yu-Chin Cheng
 
PDF
Cloud-Enabled: The Future of Endpoint Security
byCrowdStrike
 
Workshop: Threat Intelligence - Part 1
byPriyanka Aash
 
Andreea Bereczky: "Knowledge Based Economy project"
byTELECENTRE EUROPE
 
WXRCTVYV
bykshraddha9
 
revisedhoneypot429
byAlan Wennersten
 
Container con toronto
byDan Lambright
 
Webinar: are casbs ready for primetime?
byBitglass
 
20160713 2016 the honeynet projct annual workshop focus and global trends
byYi-Lang Tsai
 
In Plain Sight: The Perfect Exfiltration
byItzik Kotler
 
CYBER SECURITY
byVaishak Chandran
 
Derbycon Bromium Labs: Sandboxes
byBromium Labs
 
zero day exploits
byAdv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
8 questions to ask when evaluating a Cloud Access Security Broker
byBitglass
 
If We Only Had the Time: How Security Teams Can Focus On What’s Important
byNathan Burke
 
Overview
byNathan Burke
 
The Deploy Master: From Basic to Zero Downtime, Blue/Green, A/B and Canary
byRed Hat Developers
 
How to Select a Security Visibility Solution
byNETSCOUT
 
Enterprise Networks: No Tool Left Behind
byNETSCOUT
 
Honeycon2016-honeypot updates for public
byJulia Yu-Chin Cheng
 
Cloud-Enabled: The Future of Endpoint Security
byCrowdStrike
 

Similar to CASBs - A New Hope

PPTX
Top 5 Cloud Security Threats in Healthcare
byBitglass
 
PPTX
Mitigating the Top 5 Cloud Security Threats
byBitglass
 
PPTX
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
byBitglass
 
PPTX
Cloud Access Security Brokers - CASB
bySamrat Das
 
PPTX
casb_by_.pptx
byshahnawaz_pirates
 
PDF
Cloud Access Security Brokers
byAbhishek Tripathi
 
PDF
Cloud Access Security Brokers
byAbhishek Tripathi
 
PPTX
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
byHimani Singh
 
PPTX
CASB sase ztna slides and Overview.pptx
bynavaneethk36
 
PDF
CASB — Your new best friend for safe cloud adoption?
byDigital Transformation EXPO Event Series
 
PPTX
netskope and inner view into the overview.pptx
bynavaneethk36
 
PPTX
CASB: Securing your cloud applications
byForcepoint LLC
 
PDF
Symantec Webinar | Tips for Successful CASB Projects
bySymantec
 
PDF
Data Protection & Shadow IT in a cloud era
byDavid De Vos
 
PDF
ISSA: Cloud data security
byUlf Mattsson
 
PPTX
CSA Research: Mitigating Cloud Threats
byBitglass
 
PDF
8 major facts you must know before you buying a casb
byciphercloud1
 
PPTX
5 Highest-Impact CASB Use Cases - Office 365
byNetskope
 
PDF
Session 2017 CASB: the Swiss army knife that wants to be a magic wand - en re...
byJean-François LOMBARDO
 
PPTX
ISC(2) Security Briefing Part 3 - Enabling Secure BYOD with CASBs
byBitglass
 
Top 5 Cloud Security Threats in Healthcare
byBitglass
 
Mitigating the Top 5 Cloud Security Threats
byBitglass
 
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
byBitglass
 
Cloud Access Security Brokers - CASB
bySamrat Das
 
casb_by_.pptx
byshahnawaz_pirates
 
Cloud Access Security Brokers
byAbhishek Tripathi
 
Cloud Access Security Brokers
byAbhishek Tripathi
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
byHimani Singh
 
CASB sase ztna slides and Overview.pptx
bynavaneethk36
 
CASB — Your new best friend for safe cloud adoption?
byDigital Transformation EXPO Event Series
 
netskope and inner view into the overview.pptx
bynavaneethk36
 
CASB: Securing your cloud applications
byForcepoint LLC
 
Symantec Webinar | Tips for Successful CASB Projects
bySymantec
 
Data Protection & Shadow IT in a cloud era
byDavid De Vos
 
ISSA: Cloud data security
byUlf Mattsson
 
CSA Research: Mitigating Cloud Threats
byBitglass
 
8 major facts you must know before you buying a casb
byciphercloud1
 
5 Highest-Impact CASB Use Cases - Office 365
byNetskope
 
Session 2017 CASB: the Swiss army knife that wants to be a magic wand - en re...
byJean-François LOMBARDO
 
ISC(2) Security Briefing Part 3 - Enabling Secure BYOD with CASBs
byBitglass
 

More from Bitglass

PPTX
Webinar - Mobile Security Trends
byBitglass
 
PPTX
Security O365 Using AI-based Advanced Threat Protection
byBitglass
 
PPTX
6 essentials for secure BYOD in healthcare
byBitglass
 
PPTX
CASBs and Office 365 (with Argyle)
byBitglass
 
PPTX
Webinar Express: Securing BYOD without MDM
byBitglass
 
PPTX
The Security Gap: Protecting Healthcare Data in Office 365
byBitglass
 
PPTX
Data-Centric Protection: The Future of BYOD Security
byBitglass
 
Webinar - Mobile Security Trends
byBitglass
 
Security O365 Using AI-based Advanced Threat Protection
byBitglass
 
6 essentials for secure BYOD in healthcare
byBitglass
 
CASBs and Office 365 (with Argyle)
byBitglass
 
Webinar Express: Securing BYOD without MDM
byBitglass
 
The Security Gap: Protecting Healthcare Data in Office 365
byBitglass
 
Data-Centric Protection: The Future of BYOD Security
byBitglass
 

Recently uploaded

PDF
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PDF
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
 
PDF
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
PDF
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
PDF
Post Quantum Cryptography for Dummies.pdf
byAde Ismail Isnan
 
PDF
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
PDF
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
PDF
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
 
PPTX
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isn’t really...
byapidays
 
PDF
GenerationAI Paris 2025 | City of Light (COL)
byapidays
 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
AI for Risk Management & Fraud Detection ppt.pdf
byalexmartincaneda
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
PDF
Rustici Software: eLearning standards in the age of AI
byRustici Software
 
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
Self-Correction Failure Diagnostic: Detecting Drift in Complex Systems
bySystems Research Group
 
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
Post Quantum Cryptography for Dummies.pdf
byAde Ismail Isnan
 
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
 
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isn’t really...
byapidays
 
GenerationAI Paris 2025 | City of Light (COL)
byapidays
 
Designing a Blog Using Wordpress
bymarkzubi50
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
AI for Risk Management & Fraud Detection ppt.pdf
byalexmartincaneda
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 
Rustici Software: eLearning standards in the age of AI
byRustici Software
 

CASBs - A New Hope

  • 1.
    CASBs: A New Hope A longtime ago in a CISOs old security strategy
  • 2.
    STORYBOARDS enterprise (CASB) end-user devices visibility &analytics data protection identity & access control application storage servers network CASBs secure data across any cloud app app vendor
  • 3.
    STORYBOARDS shadow IT The clone wars: Inthe beginning before the republic was sabotaged by the empire: Translation - Shadow IT was all we knew
  • 4.
    STORYBOARDS shadow IT gain visibilityinto your org’s cloud usage ■ Identify unsanctioned apps in use in your organization ○ Understand risk profiles of these frequently used apps ■ Intelligent, time-saving alerts out of the box
  • 5.
    STORYBOARDS shadow IT API- based approach Revenge of theSith: The empire began growing powerful with their management of security approach Translation - Orgs. are limited with limited API security
  • 6.
    STORYBOARDS data-at-rest in thecloud api control visibility and control of cloud data ● DLP scans & quarantine ● modify sharing permissions ● watermark, DRM, redact, encrypt ● proxy-accelerated API-scans 6
  • 7.
    STORYBOARDS ■ BYOD blindspot- O365 DLP is not geared toward protecting data on BYOD ■ High operational overhead - Complex to configure and maintain ■ Difficult deployment - Sharepoint/OneDrive DLP integration requires Office 2016 on PCs ■ High cost - Must have top of the line license ■ Point solution - Support focused on Office 365, what about other cloud apps? office 365 native dlp: complex, costly, and doesn’t work across apps
  • 8.
    STORYBOARDS shadow IT API-based approach API + in- line ANew Hope: The Rebels emerged with a new way to secure SAAS applications with an agentless in-line approach. The old republic (empire) methods were still used to maintain balance with the force.
  • 9.
    STORYBOARD how casb securityworks reverse proxy ■ unmanaged device controls without agents forward proxy ■ managed devices controls activesync proxy ■ secure email, calendar, etc on any mobile device ■ device level security - wipe, encryption, PIN etc
  • 10.
    STORYBOARDS casb security a data-centricapproach ■ Cloud data doesn’t exist only “in the cloud” ■ IT must protect data at access and on any device ○ Granular DLP ○ Context-aware to distinguish between users, device type, more
  • 11.
    STORYBOARDS 3 top MDM vendors donot use their own product Bitglass BYOD Security Survey 2015 MDM is obsolete 67% would participate in BYOD if IT couldn’t access personal data & apps 38% of IT professionals don’t participate in their own BYOD security programs
  • 12.
    STORYBOARDS mobile security cloud andmobile are inseparable ■ IT must enable secure access to cloud apps from any device ■ BYOD poses a threat to data security due to a lack of visibility and control after download ■ CASBs accommodate user BYOD
  • 13.
    STORYBOARDS casb identity centralized identitymanagement is key in securing data ■ CASBs offer integrated identity management across apps ■ Limit potential breaches with step-up multifactor auth for high risk logins
  • 14.
    STORYBOARDS secure office 365 + byod client: ■35,000 employees globally challenge: ■ Inadequate native O365 security ■ Controlled access from any device ■ Limit external sharing ■ Interoperable with existing infrastructure, e.g. Bluecoat, ADFS solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload or download ■ Quarantine externally-shared sensitive files in cloud ■ Controlled unmanaged device access ■ Shadow IT & Breach discovery fortune 50 healthcare firm
  • 15.
    STORYBOARDS ■ 15,000 employeesin 190+ locations globally challenge: ■ Mitigate risks of Google Apps adoption ■ Prevent sensitive data from being stored in the cloud ■ Limit data access based on device risk level ■ Govern external sharing solution: ■ Inline data protection for unmanaged devices/BYOD ■ Bidirectional DLP secure google apps + byod business data giant
  • 16.
  • 17.
    resources: more info aboutcloud security ■ whitepaper: the definitive guide to CASBs ■ report: cloud adoption by industry ■ case study: fortune 100 healthcare firm secure O365
  • 18.

Editor's Notes

  • #13 “By 2018, more than half of all bring your own device (BYOD) users that currently have an MDM agent will be managed by an agentless solution” - Gartner Inseparable
  • #15 Competition: Skyhigh, Netskope, Adallom
  • #16 Competition: Skyhigh, Netskope, Cloudlock, Elastica/Bluecoat
  • #17 in: CA, NY, MA, IL, N